Allow null initiator for qute:// URLs on Qt 5.11

Before Qt 5.11.2, for unique origins, we always got QUrl() and thus passed it
through.

With Qt 5.11.2, only missing origins (browser-initiated requests) get an empty
initiator, while unique origins get QUrl("null"):
https://codereview.qt-project.org/#/c/234849/
https://bugreports.qt.io/browse/QTBUG-69372

In theory, those should be locked down (as a unique origin is e.g. a sandboxed
iframe) and never have access to any other content.

However, thanks to a Qt bug, XHR on qute:// pages has QUrl("null") as origin as
long as the URL scheme is not registered. We can only do the registering once
Qt 5.12 is out.

Since unique origins were effectively already allowed on Qt 5.11.0/.1, we pass
them through here as well until Qt 5.12.

See #4198
Florian Bruhin 2018-09-07 12:25:07 +02:00
parent 15c547b3f5
commit 0b27779c9d
2 changed files with 6 additions and 1 deletions


@ -47,6 +47,7 @@ Changed
DATADIR and MANDIR.
- Various performance improvements when many tabs are opened.
- Regenerating completion history now shows a progress dialog.
- Make qute:// pages work properly on Qt 5.11.2
Removed
~~~~~~~
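Review bot: The added changelog line "Make qute:// pages work properly on Qt 5.11.2" has no trailing period, unlike the two entries above it, and it does not say that the change works by accepting requests whose initiator is "null". Suggest adding the period and naming the relaxed initiator check, since that is a security-relevant behaviour change a reader of the changelog would want to see.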


@ -19,7 +19,7 @@
"""QtWebEngine specific qute://* handlers and glue code."""
from PyQt5.QtCore import QBuffer, QIODevice
from PyQt5.QtCore import QBuffer, QIODevice, QUrl
from PyQt5.QtWebEngineCore import (QWebEngineUrlSchemeHandler,
QWebEngineUrlRequestJob)
@ -57,6 +57,10 @@ class QuteSchemeHandler(QWebEngineUrlSchemeHandler):
# Added in Qt 5.11
return True
if initiator == QUrl('null') and not qtutils.version_check('5.12'):
# WORKAROUND for https://bugreports.qt.io/browse/QTBUG-70421
return True
if initiator.isValid() and initiator.scheme() != 'qute':
log.misc.warning("Blocking malicious request from {} to {}"
.format(initiator.toDisplayString(),
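Review bot: The new `if initiator == QUrl('null') and not qtutils.version_check('5.12'):` branch returns True without looking at anything else about the request, and its comment carries only the QTBUG-70421 link. Because it sits before the `initiator.isValid() and initiator.scheme() != 'qute'` check, every request with a "null" initiator skips the "Blocking malicious request" path on Qt older than 5.12. Suggest expanding the comment to state that unique origins are deliberately passed through and that the branch must be removed once the scheme can be registered on Qt 5.12, and adding a `log.misc.debug` line in the branch so these pass-throughs are visible when debugging. The commit touches only the changelog and this handler, so a test covering the "null" initiator on both sides of the version check would also be worth adding.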